Lucene search
K

9 matches found

NVD
NVD
added 2026/06/24 7:16 a.m.8 views

CVE-2026-11370

The WP Meta SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.5.18 via the 'newlink' parameter. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations...

6.4CVSS0.00242EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/24 5:33 a.m.7 views

EUVD-2026-38660

The WP Meta SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.5.18 via the 'newlink' parameter. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations...

6.4CVSS6AI score0.00242EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/24 5:33 a.m.32 views

CVE-2026-11370 WP Meta SEO <= 4.5.18 - Authenticated (Contributor+) Server-Side Request Forgery via 'new_link' Parameter

The WP Meta SEO plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.5.18 via the 'newlink' parameter. This makes it possible for authenticated attackers, with contributor-level access and above, to make web requests to arbitrary locations...

6.4CVSS0.00242EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.9 views

PT-2026-51669

Name of the Vulnerable Software and Affected Versions WP Meta SEO versions prior to 4.5.19 Description The plugin is susceptible to Server-Side Request Forgery SSRF, a flaw that allows an attacker to induce the server-side application to make requests to an unintended location. Authenticated user...

6.4CVSS5.9AI score0.00242EPSS
Exploits0References8
EUVD
EUVD
added 2025/11/13 3:23 a.m.1 views

EUVD-2025-176526

Malicious code in sanitize-new-link-code-void npm...

6.6AI score
Exploits0
NVD
NVD
added 2025/09/23 6:15 a.m.7 views

CVE-2025-39874

In the Linux kernel, the following vulnerability has been resolved: macsec: sync features on RTMNEWLINK Syzkaller managed to lock the lower device via ETHTOOLSFEATURES: netdevlock include/linux/netdevice.h:2761 inline netdevlockops include/net/netdevlock.h:42 inline netdevsynclowerfeatures...

5.5CVSS0.00119EPSS
Exploits0References2
wpexploit
wpexploit
added 2023/08/21 12:0 a.m.139 views

URL Shortify < 1.7.6 - Unauthenticated Stored XSS via referer header

Description The plugin does not properly escape the value of the referer header, thus allowing an unauthenticated attacker to inject malicious javascript that will trigger in the plugins admin panel with statistics of the created short link. 1. Add a new shortened link in the interface...

6.1CVSS6.4AI score0.00735EPSS
Exploits2
Microsoft KB
Microsoft KB
added 2022/01/11 8:0 a.m.75 views

Description of the security update for SharePoint Server Subscription Edition: January 11, 2022 (KB5002111)

Description of the security update for SharePoint Server Subscription Edition: January 11, 2022 KB5002111 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability and Microsoft Office remote code execution vulnerability. To learn more about the...

9CVSS10AI score0.03115EPSS
Exploits0
Exploit DB
Exploit DB
added 2010/03/11 12:0 a.m.31 views

ANE CMD CRSF - Arbitrary Add Admin

======================================================================= AneCMS CSRF Vulnerability ======================================================================= by Pratul Agrawal Vulnerability found in- Admin module email [email protected] company aksitservices Credit by Pratul Agrawal...

7.4AI score
Exploits0
Rows per page
Query Builder